spinov001-art/api-secrets-scanner

API Secrets Scanner

Scan your codebase for accidentally committed API keys, tokens, and secrets.

Detects: AWS keys, GitHub tokens, Stripe keys, Google API keys, Slack tokens, private keys, and 15+ other secret patterns.

Read why .env files aren't enough →

Quick Start

# No dependencies — pure Python
python scanner.py                    # Scan current directory
python scanner.py /path/to/project   # Scan specific path
python scanner.py --verbose           # Show each finding
python scanner.py --json              # Output as JSON

What It Detects

| Secret Type | Pattern |
| --- | --- |
| AWS Access Key | AKIA... |
| GitHub Token | ghp_..., gho_... |
| Stripe Key | sk_live_..., sk_test_... |
| Google API Key | AIza... |
| Slack Token | xoxb-... |
| npm Token | npm_... |
| PyPI Token | pypi-... |
| Private Keys | -----BEGIN PRIVATE KEY----- |
| Generic secrets | password/token/secret in config files |
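
How prefix-based detection of this kind works, as an added example that is not the code in scanner.py: the regexes are assumed, commonly used approximations for six of the rows above, and `scan_text`, `redact`, and the sample input are hypothetical names and constructed data.

```python
import json
import re

# Assumed regexes for the prefixes in the table; approximations of the
# public token formats, not the patterns shipped in scanner.py.
PATTERNS = {
    "AWS Access Key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "GitHub Token": re.compile(r"\bgh[po]_[A-Za-z0-9]{36}\b"),
    "Stripe Key": re.compile(r"\bsk_(?:live|test)_[A-Za-z0-9]{24,}\b"),
    "Google API Key": re.compile(r"\bAIza[0-9A-Za-z_-]{35}"),
    "Slack Token": re.compile(r"\bxoxb-[0-9A-Za-z-]{20,}"),
    "Private Key": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
}


def redact(value, keep=4):
    """Keep only the identifying prefix so the report does not re-leak the secret."""
    return value[:keep] + "*" * (len(value) - keep)


def scan_text(text, source="<memory>"):
    """Return one finding per match: file, line number, secret type, redacted value."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, rx in PATTERNS.items():
            for m in rx.finditer(line):
                findings.append({
                    "file": source,
                    "line": lineno,
                    "type": kind,
                    "match": redact(m.group(0)),
                })
    return findings


# Constructed sample input; the token bodies are filler built at runtime.
SAMPLE = "\n".join([
    "aws_access_key_id = AKIAIOSFODNN7EXAMPLE",  # AWS documentation placeholder
    "GITHUB_TOKEN=ghp_" + "a" * 36,
    "stripe.api_key = 'sk_test_" + "0" * 24 + "'",
    "note = 'akia-is-not-a-key'",  # lowercase prefix: must not match
    "-----BEGIN RSA PRIVATE KEY-----",
])

if __name__ == "__main__":
    print(json.dumps(scan_text(SAMPLE, "sample.env"), indent=2))
```

Anchoring on fixed prefixes and lengths keeps false positives low, and redacting the match means the report itself can be stored as a CI artifact without exposing the secret.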

Use in CI

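# GitHub Actions
- name: Scan for secrets
  run: |
    python scanner.py . --json > secrets-report.json
    # Count findings in a separate step so that a report that cannot be parsed
    # fails the job instead of silently skipping the check
    count=$(python -c "import json; print(len(json.load(open('secrets-report.json'))))")
    if [ "$count" -gt 0 ]; then
      echo "Secrets found! Check secrets-report.json"
      exit 1
    fi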

Author

Built by Alex Spinov — production-grade web scrapers and data tools.

License

MIT
